package com.hlg.xboot.web.controller.sys;

import com.hlg.xboot.core.annotation.JsonExclude;
import com.hlg.xboot.enums.Status;
import com.hlg.xboot.exceptions.ErrorCode;
import com.hlg.xboot.exceptions.ParameterException;
import com.hlg.xboot.model.sys.SysUser;
import com.hlg.xboot.service.sys.SysUserService;
import com.hlg.xboot.vo.RestBody;
import com.hlg.xboot.web.controller.RestBaseModulesController;
import com.digi_zones.common.utils.CommonUtils;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import java.util.Date;

/**
 * <p>Description:</p>
 * <p>Copyright: Copyright (c) 2017</p>
 * <p>Company: 中视数讯</p>
 * <p>Site: www.digi-zones.com</p>
 *
 * @author gaol
 * @version 1.0
 * @date 2017-07-24 11:26:36
 */
@RestController
@RequestMapping(value="/sys/sysuser")
public class SysUserController extends RestBaseModulesController<SysUser,SysUserService> {

    /**
     * 登录
     * @param username 用户名
     * @param password 密码
     * @return
     * @throws Exception
     */
    @JsonExclude(values = {"createTime","password","id","lock"})
    @RequestMapping(value = "/login", method = RequestMethod.POST, params = {"username", "password"})
    public RestBody login(String username, String password, HttpServletRequest request) throws Exception {
        if (StringUtils.isEmpty(username)) {
            throw new ParameterException("用户名不能为空");
        }
        if (StringUtils.isEmpty(password)) {
            throw new ParameterException("密码不能为空");
        }

        SysUser sysUser = getLoginUser(request);
        password = DigestUtils.md5Hex(password);
        if (sysUser == null) {
            sysUser = service.login(username, password);
            if (sysUser == null) {
                throw new ParameterException("用户名或密码不正确");
            } else if (sysUser.getStates().equals(Status.DISABLED.getValue())) {
                throw new ParameterException("用户已被禁用");
            }
        } else  if (!password.equals(sysUser.getPassword())) {
            throw new ParameterException("用户名或密码不正确");
        } else if (sysUser.getStates().equals(Status.DISABLED.getValue())) {
            throw new ParameterException("用户已被禁用");
        }
        sysUser.setLastLoginIP(CommonUtils.getClientIPAddress(request));
        sysUser.setLastLoginTime(new Date());
        saveLoginUser(sysUser, request);
        service.update(sysUser);
        return success(sysUser, ErrorCode.LOGIN_SUCCESS);
    }

    /**
     * 退出登录
     * @param request
     * @return
     * @throws Exception
     */
    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    public RestBody logout(HttpServletRequest request) throws Exception {
        request.getSession().invalidate();
        return success();
    }

    /**
     * 修改密码
     * @param password    新密码
     * @param newPassword 旧密码
     * @param request
     * @return
     * @throws Exception
     */
    @RequestMapping(value = "/update_password", method = RequestMethod.PUT)
    public RestBody updatePassword(String username, String password, String newPassword, HttpServletRequest request) throws Exception {
        SysUser sysUser;
        if(StringUtils.isEmpty(username)){
            sysUser = getLoginUser(request);
            service.updatePassword(sysUser.getUsername(), password, newPassword);
        }else{
            sysUser = service.findByUsername(username);
            sysUser.setPassword(DigestUtils.md5Hex(newPassword));
            service.update(sysUser);
        }
        return success();
    }

    @Override
    public RestBody update(@Valid SysUser sysUser, BindingResult result, MultipartFile[] files,
                           HttpServletRequest request, HttpServletResponse response) throws Exception {
        sysUser = service.update(sysUser, files);
        SysUser currLoginUser = getLoginUser(request);
        if (sysUser.getId() == currLoginUser.getId()) {
            saveLoginUser(sysUser, request);
        }
        return success();
    }

}